Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
File:                     TuwmeuLxv5Xm16FCCA5d96MTlJI.mft (raw, json)
Hash identifier:          UM2MgfBJduvTMLNKbZwOZvjOV0QZHJjKP9s9K3j71qc=
Subject key identifier:   AA:6B:9D:F1:2F:3A:A4:45:3A:52:5B:B8:52:81:02:21:DF:85:3D:FE
Authority key identifier: 4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92
Certificate issuer:       /CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
Certificate serial:       01975A5BC676D6F66313C66CC2BEE786A9BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
Manifest number:          0A68
Signing time:             Tue 10 Jun 2025 15:00:53 +0000
Manifest this update:     Tue 10 Jun 2025 15:00:53 +0000
Manifest next update:     Wed 11 Jun 2025 15:00:53 +0000
Files and hashes:         1: TuwmeuLxv5Xm16FCCA5d96MTlJI.crl (hash: XctQNMKGvA7SHUQYfgG14aAuKoo7pOlj/Cu3/qv44Us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:5b:c6:76:d6:f6:63:13:c6:6c:c2:be:e7:86:a9:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
        Validity
            Not Before: Jun 10 15:00:53 2025 GMT
            Not After : Jun 11 15:00:53 2025 GMT
        Subject: CN=aa6b9df12f3aa4453a525bb852810221df853dfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:70:89:72:67:8d:73:cd:96:7e:32:5e:c7:d7:
                    f6:d4:2b:fb:b1:7a:a4:35:13:7a:7b:dc:6e:92:7a:
                    2e:8f:e1:89:bb:26:f5:db:8b:78:76:ee:d3:00:8b:
                    dc:8f:9c:b0:3a:9a:9a:2b:e6:37:07:93:54:b6:f0:
                    98:2f:a0:b8:0c:13:9c:4c:0d:47:e0:75:b5:2c:95:
                    48:47:89:d5:5f:b8:e0:61:c1:82:65:26:9d:93:d7:
                    fa:09:85:c3:f3:f0:e8:96:69:55:2a:75:d6:96:41:
                    7c:86:89:16:f1:eb:60:2f:de:63:86:a6:c3:04:c5:
                    f6:23:42:62:19:79:73:5a:38:16:00:a0:cf:ca:7e:
                    98:0a:26:ce:83:a3:d5:e2:af:16:df:b9:c9:81:f6:
                    ea:e3:fc:f3:e8:66:eb:93:2e:0d:f7:9d:45:18:39:
                    3f:85:88:a6:68:91:b2:c6:65:73:09:d7:df:3f:46:
                    88:eb:e9:f0:f3:bd:9f:e5:65:59:e7:03:6e:b3:3b:
                    4d:4c:c3:cc:49:1b:2e:a8:ce:f9:c3:61:bf:3d:b6:
                    ae:aa:d3:83:0c:7d:66:b6:17:94:db:aa:53:b5:79:
                    55:95:63:08:09:55:a4:22:5b:3e:99:7c:ff:8a:4e:
                    e1:39:ad:b4:be:0a:5e:5e:01:cc:4c:c7:50:49:74:
                    0c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:6B:9D:F1:2F:3A:A4:45:3A:52:5B:B8:52:81:02:21:DF:85:3D:FE
            X509v3 Authority Key Identifier:
                keyid:4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:56:b5:1d:9f:df:9f:cf:50:ec:e6:cb:a0:a9:3f:6c:ab:cc:
         06:b4:fb:d1:a9:2e:c0:59:4a:ff:ba:b7:e7:af:44:02:cc:7d:
         74:7c:5f:2b:16:59:fa:04:21:54:5c:50:8e:49:29:15:06:a5:
         c2:c6:bb:eb:db:08:e7:71:9e:8c:35:f1:6a:a6:68:8e:4c:0a:
         19:42:40:47:b8:cd:98:b4:f6:72:e6:65:ad:e2:43:de:41:87:
         3c:a6:91:71:6c:a2:2d:fd:d9:96:53:f9:32:03:1d:b4:ae:94:
         8e:e2:81:9a:bb:bd:12:ab:f8:55:b4:01:06:fd:5c:cc:ad:55:
         14:4d:0c:69:71:67:08:a8:45:87:2a:b9:d1:f0:24:4c:54:cc:
         45:cb:2e:b5:f5:5c:9d:16:21:9e:b6:2f:82:a0:00:72:2f:5b:
         1b:39:d5:05:30:4b:41:b9:6c:69:0d:3b:76:b7:06:ee:74:c8:
         1f:fe:75:1a:8f:fa:b4:7f:e4:b3:3a:6d:07:b9:dd:df:22:bf:
         90:85:8f:00:23:08:cd:51:e4:ef:72:7d:f8:e8:62:cf:93:e6:
         7b:d3:6d:6b:93:b1:da:af:f5:0d:a7:0c:b7:62:a1:2b:04:89:
         42:e4:15:c2:89:5e:51:e1:43:ce:86:1e:16:e2:29:e3:f7:d4:
         8c:57:d9:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaW8Z21vZjE8Zswr7nhqm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWMyNjdhZTJmMWJmOTVlNmQ3YTE0MjA4MGU1ZGY3YTMx
Mzk0OTIwHhcNMjUwNjEwMTUwMDUzWhcNMjUwNjExMTUwMDUzWjAzMTEwLwYDVQQD
EyhhYTZiOWRmMTJmM2FhNDQ1M2E1MjViYjg1MjgxMDIyMWRmODUzZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3CJcmeNc82WfjJex9f21Cv7sXqk
NRN6e9xuknouj+GJuyb124t4du7TAIvcj5ywOpqaK+Y3B5NUtvCYL6C4DBOcTA1H
4HW1LJVIR4nVX7jgYcGCZSadk9f6CYXD8/DolmlVKnXWlkF8hokW8etgL95jhqbD
BMX2I0JiGXlzWjgWAKDPyn6YCibOg6PV4q8W37nJgfbq4/zz6Gbrky4N951FGDk/
hYimaJGyxmVzCdffP0aI6+nw872f5WVZ5wNusztNTMPMSRsuqM75w2G/PbauqtOD
DH1mtheU26pTtXlVlWMICVWkIls+mXz/ik7hOa20vgpeXgHMTMdQSXQMoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKprnfEvOqRFOlJbuFKBAiHfhT3+MB8GA1UdIwQY
MBaAFE7sJnri8b+V5tehQggOXfejE5SSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMt
NmI5NmM4MzYxMjY1LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMtNmI5NmM4MzYxMjY1
LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADVa1HZ/f
n89Q7ObLoKk/bKvMBrT70akuwFlK/7q3569EAsx9dHxfKxZZ+gQhVFxQjkkpFQal
wsa769sI53GejDXxaqZojkwKGUJAR7jNmLT2cuZlreJD3kGHPKaRcWyiLf3ZllP5
MgMdtK6UjuKBmru9Eqv4VbQBBv1czK1VFE0MaXFnCKhFhyq50fAkTFTMRcsutfVc
nRYhnrYvgqAAci9bGznVBTBLQblsaQ07drcG7nTIH/51Go/6tH/kszptB7nd3yK/
kIWPACMIzVHk73J9+Ohiz5Pme9Nta5Ox2q/1DacMt2KhKwSJQuQVwoleUeFDzoYe
FuIp4/fUjFfZMw==
-----END CERTIFICATE-----